Frames | No Frames |
1: /* AWTPermission.java -- AWT related permissions 2: Copyright (C) 2000, 2002 Free Software Foundation 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package java.awt; 40: 41: import java.security.BasicPermission; 42: 43: /** 44: * This class implements permissions for AWT. This is a named 45: * permission. No actions are defined. 46: * 47: * <p>The following table provides a list of all the possible AWTPermission 48: * permission names with a description of what that permission allows.<br> 49: * <table border=1> 50: * <tr><th>Permission Name</th><th>Permission Allows</th><th>Risks</th</tr> 51: * <tr> 52: * <td><code>accessClipboard</code></td> 53: * <td>posting and reading the AWT clipboard</td> 54: * <td>the clipboard may contain sensitive data</td></tr> 55: * <tr> 56: * <td><code>accessEventQueue</code></td> 57: * <td>access to the AWT event queue</td> 58: * <td>malicious code could remove real events and replace them with bogus 59: * ones, including simulating the user granting permission</td></tr> 60: * <tr> 61: * <td><code>listenToAllAWTEvents</code></td> 62: * <td>listen to system-wide AWT events</td> 63: * <td>malicious code can read passwords entered in an AWT event, and in 64: * combination with accessEventQueue, could fake system events</td></tr> 65: * <tr> 66: * <td><code>showWindowWithoutWarningBanner</code></td> 67: * <td>display a window without a banner notification of insecurity</td> 68: * <td>malicious code could install a Trojan horse applet that looks like 69: * a normal window, and thus steal data like passwords</td></tr> 70: * <tr> 71: * <td><code>readDisplayPixels</code></td> 72: * <td>read back pixels from the display screen</td> 73: * <td>malicious code could snoop on the user's actions</td></tr> 74: * <tr> 75: * <td><code>createRobot</code></td> 76: * <td>create an instance of java.awt.Robot</td> 77: * <td>these objects can generate events as though they were the user; so 78: * malicious code could control the system</td></tr> 79: * <tr> 80: * <td><code>fullScreenExclusive</code></td> 81: * <td>enter full-screen exclusive mode</td> 82: * <td>malicious code could masquerade as a trusted program</td></tr> 83: * </table> 84: * 85: * @author Tom Tromey (tromey@redhat.com) 86: * @since 1.2 87: * @status updated to 1.4 88: */ 89: public final class AWTPermission extends BasicPermission 90: { 91: /** 92: * Compatible with JDK 1.2+. 93: */ 94: private static final long serialVersionUID = 8890392402588814465L; 95: 96: /** 97: * Construct a AWTPermission with the given name. 98: * 99: * @param name the permission name 100: * @throws NullPointerException if name is null 101: * @throws IllegalArgumentException if name is invalid 102: */ 103: public AWTPermission(String name) 104: { 105: super(name); 106: } 107: 108: /** 109: * Create a new permission with the specified name. The actions argument 110: * is ignored, as AWT permissions have no actions. 111: * 112: * @param name the permission name 113: * @param actions ignored 114: * @throws NullPointerException if name is null 115: * @throws IllegalArgumentException if name is invalid 116: */ 117: public AWTPermission(String name, String actions) 118: { 119: super(name); 120: } 121: } // class AWTPermission